Looking to streamline your TPRM? Join our Product Deep Dive Webinar with live Q&A!
Register Now
Release notes

Enhanced Security Profile reporting and customization

Mark Barber
Mark Barber
released Dec 17, 2025
Release notes imageEnhanced Security Profile reporting and customization

We’ve updated our Security Profile Risk Assessment reports to give users more flexibility and consistency. Users can now customize the Assessment Summary section to better tell their risk story by including the summary of control implementation statuses (implemented, partially implemented, not implemented). We’ve also aligned our PDF and Word reports to now include the Risk Summary and Control Summary directly in the report, ensuring users have the data they need, in the format they need.

Past dates for additional evidence expiry

We have updated Additional Evidence to allow users to select past dates for expiration. This flexibility ensures that users can accurately record and manage evidence that has a retrospective expiry date.

Detection for Next.js vulnerability (CVE-2025-66478)

We have introduced detection for CVE-2025-66478, a critical remote code execution vulnerability in Next.js applications exposed by the critical CVSS (10.0) CVE-2025-55182 react2Shell vulnerability. Users can now identify if their Next.js applications are running vulnerable versions, ensuring they can take remediation steps to upgrade to patched releases.

Expanded social media coverage

Our social media coverage has been expanded to include X (formerly Twitter) to detect security-relevant signals, such as impersonation, threats, and coordinated activity, using the same automated triage and workflows used across other Threat Monitoring sources.

Improved audit logging for Trust Center assets

We have enhanced the Audit Log to include granular details (like document names and types) when assets are added or removed from Trust Centers. We have also added Audit Log entries for the creation and deletion of Trust Centers. This update ensures that all lifecycle events of a Trust Center are recorded, providing users with comprehensive oversight of Trust Center management activities.

Other improvements

  • We have removed the provisional status for newly introduced risks related to exposed services and existing provisional risks such as HTTPS redirection to insecure protocols and untrusted SSL certificates. These risks will now contribute to the impact score, providing a more accurate reflection of the organization's security posture.
  • Users can now display a HiTrust E1 badge on their Trust Centers to demonstrate compliance with HiTrust E1 standards.
  • Users can now easily reconcile missing evidence linked to their Trust Centers directly from the evidence side panel.
  • Users can now more easily identify their Trust Centers using browser tab titles and an automatic naming structure for duplicated Centers (e.g. "Copy 1").
  • We have added a "Share" option to the Trust Center dropdown menu. Users can now easily access sharing capabilities for their Trust Centers directly from the main menu, enabling easy accessibility and collaboration.
  • This release includes several bug fixes.

  • Check icon
  • Check icon
  • Check icon
  • Check icon
  • Check icon
Book a free demo
View all release notes

UpGuard Release Notes

Learn about new features, changes, and improvements to UpGuard.
CVE-2025-55182: React RCE Detection
UpGuard logo
CVE-2025-55182: React RCE Detection
Abstract image background

CVE-2025-55182: React RCE Detection

CVE-2025-55182: React RCE Detection
Mark Barber
December 8, 2025
Introducing Multiple Trust Pages per UpGuard account
UpGuard logo
Introducing Multiple Trust Pages per UpGuard account
Abstract image background

Introducing Multiple Trust Pages per UpGuard account

Introducing Multiple Trust Pages per UpGuard account
Mark Barber
December 3, 2025
Our biggest release yet! User Risk is now in General Availability
UpGuard logo
Our biggest release yet! User Risk is now in General Availability
Abstract image background

Our biggest release yet! User Risk is now in General Availability

Our biggest release yet! User Risk is now in General Availability
Mark Barber
November 19, 2025
Workflow enhancement – streamlined threat triage
UpGuard logo
Workflow enhancement – streamlined threat triage
Abstract image background

Workflow enhancement – streamlined threat triage

Workflow enhancement – streamlined threat triage
Mark Barber
November 6, 2025
Expanded risk detection with new risk types
UpGuard logo
Expanded risk detection with new risk types
Abstract image background

Expanded risk detection with new risk types

Expanded risk detection with new risk types
Mark Barber
October 22, 2025
New detections for Cisco products
UpGuard logo
New detections for Cisco products
Abstract image background

New detections for Cisco products

New detections for Cisco products
Mark Barber
October 8, 2025
View all release notes
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating